The proliferation of business-critical and sensitive electronic data creates a data security challenge, especially when sensitive data is collected in geographically distant locations and stored in multiple applications and databases for later processing.
Data encryption uses an encryption key to encrypt the sensitive data. The resulting encrypted data, sometimes called cipher text, can be stored in a database. The encrypted data is generally larger than the original value, requiring more space. Storing the encryption key in the same place exposes the encrypted data to easy decryption if the database is compromised.
Another layer of security is sometimes provided in the form a token that represents or acts as a pointer to the encrypted data. Token collision occurs when the same token is assigned to represent two different items of sensitive data. Most existing token-based solutions require a centralized implementation with a single data store in order to minimize the risk of token collision, and to ensure a one-to-one relationship between a token and the sensitive data it represents. Controlling or resolving token collision is a significant challenge, especially in computing environments with multiple active domains located in distant territories. Efforts at eliminating token collision have been unsuccessful.
The Luhn algorithm, also known as the modulus 10 algorithm, is a checksum formula that is frequently used to validate a variety of numbers, including credit card numbers, mobile phone identification numbers, health care provider numbers, Canadian social insurance numbers, and the like. When the Luhn algorithm is used to check the validity of sensitive data such as credit numbers, it adds an additional layer of complexity and creates problems that remain unsolved by existing token-based solutions.